Hacker News new | past | comments | ask | show | jobs | submit | IcePic's comments login

While it is nice to have quick charging, I find the "medium" quick charging to be completely fine for my usage. It "forces" me to take a short rest every 2-3h to go from 10->50-ish percent, while I'm using restrooms and/or taking our dog for a really short walk. I get that some people, at some time need to drive copious amounts of distance and can't wait to move on, but driving with family and pets on long journeys for me, mostly means those breaks are going to be needed and appreciated and the charging is just not noticeable as a time sink at all.

I'm sure this will help them sell a few more units, especially to people who hasn't owned EVs before, but you figure out quite quickly that the range-anxiety you had before buying it wears off really fast afterwards.


You could use a self signed cert, as much as you like.

We just don't have a good place to stash and validate them, so that when I visit your website (or my bank) I know which cert to expect. As soon as you invent this central place, you get the authority back again.


Well, yes, but every browser and http tool is going to have alarms blaring shouting at the user that this site "isn't secure"--which isn't exactly true. A self-signed certificate is no different from one rubber stamped by a CA, the only difference is my self-signed cert is mine and mine alone, and the rubber stamped one I willingly rescinded my keys to a third party.

What's funny (and sad) is we kinda do have a solution. In RFC 6698[1], using DNSSEC, we could use DNS-based Authentication of Named Entities (DANE) to have TLS without a CA, now, unfortunately, DANE is not supported literally anywhere anyone cares about, but we have it, no CA needed. As far as I see it, there is no reason to need a CA.


DANE is a certificate authority, just one baked into the DNS, where nobody has any recourse for misissuance. That's not the reason it failed in the marketplace (it failed because widespread crappy middleboxes maul DANE DNS requests, which means you can't deploy it in a mode without obvious downgrade attacks), but it's the reason nobody is putting much effort into coming up with a second iteration for it that might be workable --- after stapling failed, I think it's pretty much dead.


"man bcopy" on BSD:

'If len is zero, no bytes are copied.'

Seems reasonable.


As I understand that doesn't imply that it's not undefined to pass NULL pointers. While not what most users expect/want it's possible to this is just a wrapper around an memcpy() which will only be correct to call with valid destination and source pointers even if the length is zero.


But is it "well off people not having a problem paying a buck or two directly or indirectly to an american corporation to be able to bounce traffic" which you refer to as "most people"? I can see how a few billion other people would have problems with that concept for many reasons apart from the obvious financial one.

And for everyone that does pay this "internet tax", it only strengthens the position of said corporations to be able to buy up even more of the available routable ips. It's not hard to see that the end result is very much not in the consumers favor, regardless of how unnecessary it feels for customers currently to have a real ip when all they want is kitten animations on social media.


This still feels like a poor idea. It is as if the manufacturer of the boards don't really know where the serial port is mapped or where the USB is, but 3 months later someone will fix a DTB that allows you to find it.

Noone would accept an x86 pc to not know itself well enough to hand you a list of its parts, but for some reason having to find the right mix of kernel, u-boot and DTB is considered "fine" for ARM boards, which I don't really understand.


This was "answered" in 2013 at the end of this post, https://marc.info/?l=openbsd-misc&m=136724343006024&w=2

I guess it hasn't changed since.


OpenSSH 9.8/9.8p1 (2024-07-01) seems to have fixed this.


I think it might have gotten them a few more sales initially, then more people would figure C64-with-gfx-and-sound sufficed and not moved on to learning ASM on it, and in turn not produce the awesome music, graphics effects and games that in turn helped sales later on. I think it would end up equal or even worse.


https://en.wikipedia.org/wiki/Rabin%E2%80%93Karp_algorithm and https://en.wikipedia.org/wiki/Rolling_hash#Cyclic_polynomial can be used to find common substrings and is used by deduplicating programs.


> When spyware holds your ass, it already has everything on you and doesn't need any vulnerability.

..because it uses one of the available local escalation tricks, where sending RA to ::1 could be one of those if that is a thing.


Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: